Skip to content

Commit

Permalink
Fix security workflow from making multiple comments (#658)
Browse files Browse the repository at this point in the history
  • Loading branch information
justafish authored Aug 16, 2024
1 parent 3b12c62 commit 4d53653
Showing 1 changed file with 12 additions and 11 deletions.
23 changes: 12 additions & 11 deletions scaffold/github/workflows/Security.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,41 +48,42 @@ jobs:

- name: Publish Results
run: |
FIRST=true
COMPOSER_LOCK_DIFF="<!-- composer-lock-diff -->
## Composer Lock Diff
$(cat composer-lock-diff.md)"
COMPOSER_LOCK_DIFF=$(echo "$COMPOSER_LOCK_DIFF" | jq -Rsa .)
EMPTY=true
if [ "$(cat composer-lock-diff.md)" != "" ]; then
echo $COMPOSER_LOCK_DIFF >> $GITHUB_STEP_SUMMARY
EMPTY=false
fi
curl -s -L -f -X GET \
COMPOSER_LOCK_DIFF=$(echo "$COMPOSER_LOCK_DIFF" | jq -Rsa .)
FIRST=true
for i in $(curl -s -L -f -X GET \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/${{ github.repository }}/pulls/$DRAINPIPE_PR_NUMBER/comments | jq -rc '.[]|select(.body | contains("<!-- composer-lock-diff -->")) | .id' | while read i; do
-H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/${{ github.repository }}/pulls/$DRAINPIPE_PR_NUMBER/comments | jq -rc '.[]|select(.body | contains("<!-- composer-lock-diff -->")) | .id'); do
if [ "$FIRST" == "true" ] && [ "$EMPTY" == "false" ]; then
FIRST=false
curl -L \
-X PATCH \
curl -s -L -f -X PATCH \
--output /dev/null \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/${{ github.repository }}/pulls/comments/$i \
-d "{\"body\":$COMPOSER_LOCK_DIFF}"
else
curl -L \
-X DELETE \
curl -s -L -f -X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/${{ github.repository }}/pulls/comments/$i
fi
if [ "$FIRST" == "true" ]; then
FIRST=false
fi
done
if [ "$FIRST" == "true" ] && [ "$EMPTY" == "false" ]; then
curl -L -f \
-X POST \
curl -s -L -f -X POST \
--output /dev/null \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
Expand Down

0 comments on commit 4d53653

Please sign in to comment.